2017 and Information Security - Cyber Security Informer

SiteLock INFINITY for the 2017 Cybersecurity Excellence Awards

SiteLock

AUGUST 27, 2021

The Cybersecurity Excellence Awards recognize companies, products and individuals that demonstrate excellence, innovation and leadership in information security. Thank you to all who voted for SiteLock INFINITY for the 2017 Cybersecurity Excellence Awards. About SiteLock INFINITY. We look forward to next year’s award season!

Cybersecurity

Cybersecurity Malware Technology Information Security

Google mitigated a 2.54 Tbps DDoS attack in 2017, the largest DDoS ever seen

Security Affairs

OCTOBER 16, 2020

The Google Cloud team revealed that in September 2017 it has mitigated DDoS attack that reached 2.54 The Google Cloud team revealed that back in September 2017 it has mitigated a powerful DDoS attack that clocked at 2.54 Tbps DDoS in September 2017, the culmination of a six-month campaign that utilized multiple methods of attack.

DDOS

DDOS DNS Advertising Engineering

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Security Affairs

APRIL 23, 2020

A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. The post Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak appeared first on Security Affairs. Pierluigi Paganini.

Hacking

Hacking Advertising Malware Engineering

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Security Affairs

JUNE 10, 2019

The spam messages are sent in various European languages, threat actors are exploiting the Microsoft Office and Wordpad CVE-2017-11882 vulnerability. pic.twitter.com/Ac6dYG9vvw — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. Windows Defender ATP detects the documents as Exploit:O97M/CVE-2017-11882.AD

Security Intelligence

Security Intelligence Advertising Malware Information Security

2017 Data Breach Will Cost Equifax at Least $1.38 Billion

Dark Reading

JANUARY 15, 2020

million as breach compensation and spend another $1 billion on transforming its information security over the next five years. Company agrees to set aside a minimum of $380.5 The 147 million US consumers affected by the breach have one week from today to file a claim.

Data breaches

Data breaches Information Security

SQL Injection in Today’s Landscape

Veracode Security

FEBRUARY 17, 2022

Injection flaws were the number one flaw category under the OWASP 2017, and, currently, injection flaws hold the number three spot in the OWASP 2021. SQL injection flaws have impacted every industry as well as enterprises that already have a mature information security program in place. It can happen, and it can be catastrophic!

Authentication

Authentication Information Security

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Security Affairs

JANUARY 6, 2024

billion insurance claim for the losses caused by the NotPetya attack that took place in 2017. In August 2017, the pharmaceutical company revealed that the massive NotPetya cyberattack disrupted its worldwide operations. Merck filed a $1.4

Insurance

Insurance Manufacturing Ransomware Healthcare

Gafgyt botnet is targeting EoL Zyxel routers

Security Affairs

AUGUST 11, 2023

A variant of the Gafgyt botnet is actively attempting to exploit a vulnerability, tracked as CVE-2017-18368 (CVSS v3: 9.8), impacting the end-of-life Zyxel P660HN-T1A router. Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019.

Firmware

Firmware Hacking Cybercrime Information Security

Germany's BSI warns against Kaspersky AV over spying concerns

CSO Magazine

MARCH 16, 2022

Germany’s Federal Office for Information Security (BSI) has warned businesses against using Kaspersky virus protection products amid concerns of Russian technology being coerced by Russian government agents and forced to attack target systems against its will or spied on. federal agencies in 2017.

Government

Government Technology Information Security

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

Security Affairs

FEBRUARY 6, 2024

“According to the indictment, between 2011 and July 2017, Aliaksandr Klimenka, 42, allegedly controlled BTC-e, a digital currency exchange, with Alexander Vinnik and others.” ” reads the press release published by DoJ.

Cryptocurrency

Cryptocurrency Spyware Cybercrime Hacking

StripedFly, a complex malware that infected one million devices without being noticed

Security Affairs

OCTOBER 30, 2023

Further analysis revealed that the malware has been used since at least 2017. Kaspersky discovered that the detections between 2017 and 2022 had previously misclassified as a cryptocurrency miner. Kaspersky researchers discovered that over one million updates have been downloaded from the C2 infrastructure since 2017.

Malware

Malware Cryptocurrency Ransomware Hacking

Alleged FruitFly malware creator ruled incompetent to stand trial

Malwarebytes

JANUARY 16, 2024

On January 4, 2017, Case Western Reserve University (CWRU), located in Cleveland, Ohio, became aware of an infection on more than 100 of its computers. The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. This can take years, however.

Malware

Malware Passwords Identity Theft Data collection

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

Security Affairs

FEBRUARY 2, 2024

. “SCHULTE’s theft is the largest data breach in the history of the CIA, and his transmission of that stolen information to WikiLeaks is one of the largest unauthorized disclosures of classified information in the history of the U.S.”

Computers and Electronics

Computers and Electronics Engineering Hacking Data breaches

Telstra Telecom discloses data breach impacting former and current employees

Security Affairs

OCTOBER 5, 2022

Narelle Devine, the company’s chief information security officer for the Asia Pacific region, added that no customer account information was stored on the third-party platform. It seems that the security breach also impacted other companies. to several other organisations.

Data breaches

Data breaches Telecommunications Accountability Information Security

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Security Affairs

FEBRUARY 11, 2022

Below is the list of the vulnerabilities added to the catalog: CVE ID Description Patch Deadline CVE-2021-36934 Microsoft Windows SAM Local Privilege Escalation Vulnerability 2/24/2022 CVE-2020-0796 Microsoft SMBv3 Remote Code Execution Vulnerability 8/10/2022 CVE-2018-1000861 Jenkins Stapler Web Framework Deserialization of Untrusted Data 8/10/2022 (..)

IoT

IoT Accountability Authentication Hacking

Uber hacked, internal systems and confidential documents were allegedly compromised

Security Affairs

SEPTEMBER 16, 2022

We don’t have an estimate right now as to when full access to tools will be restored, so thank you for bearing with us,” Latha Maripuri, Uber’s chief information security officer, told NYT via email. This is not the first time that the company suffered a security breach.

Hacking

Hacking Data breaches Engineering Information Security

SynAck ransomware gang releases master decryption keys for old victims

Security Affairs

AUGUST 13, 2021

The news was first reported by TheRecord website, the master decryption keys work for victims that were infected between July 2017 and early 2021. “The keys have been verified as authentic by Michael Gillespie , a malware analyst at security firm Emsisoft and the creator of the ID-Ransomware service.”

Ransomware

Ransomware Authentication Malware Hacking

CASMM (The Consumer Authentication Strength Maturity Model)

Daniel Miessler

MARCH 24, 2021

Related posts: My RSA 2017 Recap. Try not to skip steps, i.e., it’s best to make the move to unique, quality passwords stored in a manager before you add 2FA. Thanks to Troy Hunt, Anton Chuvakin, and Tim Dierks for spawning the idea for this. The Real Internet of Things: Details and Examples.

Authentication

Authentication Passwords Internet Internet

Nigerian National pleads guilty to participating in a millionaire BEC scheme

Security Affairs

SEPTEMBER 24, 2023

The man was extradited from Canada to the United States on April 12, 2023. “According to his plea agreement, from February 2017 until at least July 2017, Simon-Ebo conspired with others to perpetrate a BEC scheme.” According to the US authorities, fraudulent activities caused losses of more than $6 million to the victims.

Accountability

Accountability Banking Hacking Cybercrime

Data Enrichment, People Data Labs and Another 622M Email Addresses

Troy Hunt

NOVEMBER 22, 2019

For example, there's Dun & Bradstreet's NetProspex which leaked 33M records in 2017 , Exactis who had 132M records breached last year and the Apollo data breach which exposed 126M accounts, one of which was my own. i speak at conferences around the world and run workshops on how to build more secure software within organisations.

Data breaches

Data breaches Technology Software Accountability

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

Researchers from Dutch security firm Hunt & Hackett observed Sea Turtle cyber espionage group (aka Teal Kurma, Marbled Dust, SILICON and Cosmic Wolf) targeting telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns.

Media

Media Accountability Telecommunications Government

Russian APT28 hacker accused of the NATO think tank hack in Germany

Security Affairs

JUNE 20, 2022

The attack took place in April 2017 and the man is accused of conducting the attack for the Russian military intelligence service GRU. Kozachek hacked the computed of the NATO think tank in 2017 and installed a keylogger to spy on the organization. ” reported the Tagesschau website.

Hacking

Hacking Accountability Malware Cybersecurity

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. ” reads the BSI announcement.

Antivirus

Antivirus Software Manufacturing Information Security

Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021

Security Affairs

JANUARY 2, 2022

Year Total Money Lost ($) Year Increase In Money Lost (%) 2021 4,250,000,000 2020 – 2021 185% 2020 1,490,000,000 2019 – 2020 -57% 2019 3,500,156,000 2018 – 2019 259% 2018 974,000,000 2017 – 2018 51% 2017 645,901,000 2016 – 2017 341% 2016 146,509,000 2015 – 2016 -64%. The top 5 breaches in history are: 1. Gox, $615M.

Cryptocurrency

Cryptocurrency Scams Marketing Hacking

The Essential Guide to Radio Frequency Penetration Testing

Pen Test

OCTOBER 12, 2023

It endeavors to elucidate the underlying methodology, a comprehensive array of tools employed, and the typical vulnerabilities that security experts strategically target (Anderson & White, 2017). It encompasses a range of electromagnetic radio waves utilized for wireless information transmission. IEEE Access, 6, 12725-12738.

Penetration Testing

Penetration Testing Wireless IoT Technology

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Security Affairs

JUNE 26, 2020

The bot uses exploits for multiple vulnerabilities, including CVE-2014-6287 , CVE-2018-1000861 , CVE-2017-10271 , ThinkPHP RCE vulnerabilities (CVE-2018-20062) , CVE-2018-7600 , CVE-2017-9791 , CVE-2019-9081 , PHPStudy Backdoor RCE , CVE-2017-0144 , CVE-2017-0145 , and CVE-2017-8464.

DDOS

DDOS Malware Advertising Passwords

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

The emails used weaponized Microsoft Word documents exploiting the CVE-2017-11882 vulnerability. The CVE-2017-11882 flaw is a memory-corruption issue that affects all versions of Microsoft Office released between 2000 and 2017. The vulnerability affects the MS Office component EQNEDT32.EXE

Antivirus

Antivirus Encryption Malware Hacking

The number of devices infected by the MyloBot botnet is rapidly increasing

Security Affairs

FEBRUARY 22, 2023

The MyloBot botnet has been active since 2017 and was first detailed by cybersecurity firm Deep Instinct in 2018. The first sample of the bot analyzed by the experts (dated October 20, 2017) had three different stages. Researchers warn that the MyloBot botnet is rapidly spreading and it is infecting thousands of systems worldwide.

Advertising

Advertising Hacking Cybersecurity Information Security

North Korea-linked actors breached the emails of a Presidential Office member

Security Affairs

FEBRUARY 15, 2024

panel of experts announced an investigation into 58 suspected North Korean cyberattacks between 2017 and 2023 valued at approximately $3 billion. North Korea-linked APT groups are also known to be focused on attacks against crypto exchange and financial organizations in South Korea. Recently, a U.N.

Hacking

Hacking Government Accountability Information Security

Former CIA employee Joshua Schulte was convicted of Vault 7 massive leak

Security Affairs

JULY 14, 2022

Former CIA programmer, Joshua Schulte, was convicted in a US federal court of the 2017 leak of a massive leak to WikiLeaks. The former CIA programmer Joshua Schulte (33) was found guilty in New York federal court of stealing the agency’s hacking tools and leaking them to WikiLeaks in 2017.

Engineering

Engineering Hacking Mobile IoT

NSA Equation Group tool was used by Chinese hackers years before it was leaked online

Security Affairs

FEBRUARY 22, 2021

In 2017, the Shadow Brokers hacking group released a collection of hacking tools allegedly stolen from the US NSA, most of them exploited zero-day flaws in popular software. ““EpMe”, the Equation Group exploit for CVE-2017-0005, is one of 4 different LPE exploits included in the DanderSpritz attack framework. Pierluigi Paganini.

Hacking

Hacking Malware Software Information Security

Microsoft fixed two zero-day bugs exploited in malware attacks

Security Affairs

APRIL 11, 2024

Microsoft Patches Tuesday security updates for April 2024 addressed 147 vulnerabilities in multiple products. This is the highest number of fixed issues from Microsoft this year and the largest since at least 2017.

Malware

Malware DNS Mobile Software

CISA warns of phishing attacks delivering KONNI RAT

Security Affairs

AUGUST 17, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) has published an alert to provide technical details on a new wave of attacks delivering the KONNI remote access Trojan (RAT). The KONNI malware also employed in at least two campaigns in 2017.

Phishing

Phishing Malware Advertising Architecture

APT37 used Internet Explorer Zero-Day in a recent campaign

Security Affairs

DECEMBER 8, 2022

Using this technique the attackers are able to trigger IE zero-day using weaponized Office documents since 2017 (e.g. CVE-2017-0199 ). Experts pointed out that Office renders this HTML content using Internet Explorer (IE). TAG determined that the APT group abused the zero-day vulnerability in the JScript engine of Internet Explorer.

Internet

Internet Internet Engineering Malware

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. The RCMP arrested Bloom in December 2017, and said he made approximately $250,000 selling hacked data, which included information on 37 million user accounts leaked in the 2015 Ashley Madison breach.

Hacking

Hacking Accountability Data breaches Marketing

Emsisoft releases free SynAck ransomware decryptor

Security Affairs

AUGUST 20, 2021

The master decryption keys work for victims that were infected between July 2017 and early 2021. The keys have been verified as authentic by Michael Gillespie , a malware analyst at security firm Emsisoft and the creator of the ID-Ransomware service.”. The gang has now rebranded as the new El_Cometa group.

Ransomware

Ransomware Encryption Authentication Internet

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Security Affairs

FEBRUARY 15, 2021

The French security agency ANSSI is warming of a series of attacks targeting Centreon monitoring software used by multiple French organizations and attributes them to the Russia-linked Sandworm APT group. The first attack spotted by ANSSI experts dates back to the end of 2017 and the campaign continued until 2020.

VPN

VPN Software Internet Internet

TA547 targets German organizations with Rhadamanthys malware

Security Affairs

APRIL 12, 2024

TA547 is a financially motivated threat actor that has been active since at least November 2017, it was observed conducting multiple campaigns to deliver a variety of Android and Windows malware, including DanaBot , Gootkit , Lumma stealer , NetSupport RAT , Ursnif , and ZLoader.

Malware

Malware Social Engineering Retail Engineering

Helix Bitcoin Mixer operator charged for laundering over $300M worth of Bitcoin

Security Affairs

FEBRUARY 14, 2020

An American was charged with money laundering while operating the dark web Helix Bitcoin mixer service between 2014 and 2017. Larry Dean Harmon (36), from Akron, Ohio, was charged with laundering more than $310 million worth of Bitcoin while he was operating a Darknet-based cryptocurrency laundering service between 2014 and 2017.

Cryptocurrency

Cryptocurrency Advertising Cybercrime Engineering

Hacker is targeting DNA sequencer applications from Iranian IP address

Security Affairs

JUNE 17, 2019

Starting from June 12, 2019, the researcher Ankit Anubhav from NewSky Security, observed threat actors targeting Web-based DNA sequencer applications. The attackers are leveraging a still-unpatched zero-day vulnerability, tracked as CVE-2017-6526 , to gain full control over the targeted systems. IP address that is located in Iran.

DDOS

DDOS Advertising IoT Marketing

A cyber attack hit Nissan Oceania

Security Affairs

DECEMBER 7, 2023

The software engineer Tillie Kottmann was informed by an anonymous source that the Git server was exposed online and accessible to anyone using the default login credentials admin/admin. In December 2017, Nissan Finance Canada was hacked , personal information of 1.13

Cyber Attacks

Cyber Attacks Financial Services Scams Data breaches

Experts spotted a backdoor that borrows code from CIA’s Hive malware

Security Affairs

JANUARY 16, 2023

. “ Hive provides a covert communications platform for a whole range of CIA malware to send exfiltrated information to CIA servers and to receive new instructions from operators at the CIA.”. Additional analysis revealed that the malware borrows code from the Hive project that was leaked in 2017 as part of Vault 8 series.

Malware

Malware Encryption Authentication Hacking

Millions of devices could be hacked exploiting flaws targeted by tools stolen from FireEye

Security Affairs

DECEMBER 24, 2020

91541, 91534 CVE-2014-1812 05/13/2014 Microsoft Windows Group Policy Preferences Password Elevation of Privilege Vulnerability (KB2962486) 9 91148, 90951 CVE-2020-0688 02/11/2020 Microsoft Exchange Server Security Update for February 2020 8.8 50098 CVE-2016-0167 04/12/2016 Microsoft Windows Graphics Component Security Update (MS16-039) 7.8

Hacking

Hacking Cyber Attacks Passwords Software

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Security Affairs

JUNE 17, 2021

Levashov used these services on and off from at least May 2014 until his arrest in April 2017 and paid the operators of the crypting services approximately $3,000 per month” reads the criminal compliant. Koshkin was arrested in California in September 2019 , while Tsurkan was arrested in April 2017.

Antivirus

Antivirus Malware Cryptocurrency Software

SiteLock INFINITY for the 2017 Cybersecurity Excellence Awards

Google mitigated a 2.54 Tbps DDoS attack in 2017, the largest DDoS ever seen

Trending Sources

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

2017 Data Breach Will Cost Equifax at Least $1.38 Billion

SQL Injection in Today’s Landscape

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Gafgyt botnet is targeting EoL Zyxel routers

Germany's BSI warns against Kaspersky AV over spying concerns

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

StripedFly, a complex malware that infected one million devices without being noticed

Alleged FruitFly malware creator ruled incompetent to stand trial

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

Telstra Telecom discloses data breach impacting former and current employees

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Uber hacked, internal systems and confidential documents were allegedly compromised

SynAck ransomware gang releases master decryption keys for old victims

CASMM (The Consumer Authentication Strength Maturity Model)

Nigerian National pleads guilty to participating in a millionaire BEC scheme

Data Enrichment, People Data Labs and Another 622M Email Addresses

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Russian APT28 hacker accused of the NATO think tank hack in Germany

The German BSI agency recommends replacing Kaspersky antivirus software

Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021

The Essential Guide to Radio Frequency Penetration Testing

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Chinese actors behind attacks on industrial enterprises and public institutions

The number of devices infected by the MyloBot botnet is rapidly increasing

North Korea-linked actors breached the emails of a Presidential Office member

Former CIA employee Joshua Schulte was convicted of Vault 7 massive leak

NSA Equation Group tool was used by Chinese hackers years before it was leaked online

Microsoft fixed two zero-day bugs exploited in malware attacks

CISA warns of phishing attacks delivering KONNI RAT

APT37 used Internet Explorer Zero-Day in a recent campaign

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Emsisoft releases free SynAck ransomware decryptor

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

TA547 targets German organizations with Rhadamanthys malware

Helix Bitcoin Mixer operator charged for laundering over $300M worth of Bitcoin

Hacker is targeting DNA sequencer applications from Iranian IP address

A cyber attack hit Nissan Oceania

Experts spotted a backdoor that borrows code from CIA’s Hive malware

Millions of devices could be hacked exploiting flaws targeted by tools stolen from FireEye

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Stay Connected